Twitch Addresses Massive Hack Incident
Twitch downplayed the severity of its massive security incident earlier this month, assuring users that “the customer impact is minimal” after a 125GB cache of its internal data was leaked online in a Friday update.
According to Twitch’s post, the said exposed data mostly consisted of documents from Twitch’s source code repository and payout figures for Twitch streamers. Twitch passwords were not exposed in the hack, and said it is “confident” that its systems that store user login credentials, credit card numbers, and bank information were not hacked.
Twitch said that they conducted a thorough review of the information contained in the files exposed and that they are confident that it only affected a small percentage of users, with minimal customer impact, and added that those who have been directly affected are being contacted.
Twitch’s internal investigation into the October 6 leak is still underway and that they have traced the problem back to a hiccup with a server configuration update, which allowed an anonymous hacker to gain access to the data, steal it, and dump it in bulk as a torrent on 4chan. The perpetrator claims that the massive leak was carried out to promote disruption and competition in the online video streaming space. To make matters worse, they called the streaming platform Twitch a “disgusting toxic cesspool” that had been “completely pwnd” by the security breach.
The leaked information, which included internal company documents and red teaming tools, sparked outrage in Twitch’s community about how much money some of the platform’s biggest stars make. According to data, Critical Role, a role-playing, tabletop game show, earned roughly $10 million from Twitch over the last two years, making it the platform’s highest-paid channel. From subscriptions and other Twitch features, top streamers like xQc and Hasanpiker have made millions of dollars dating back to 2019. The discovery that many of their favorite streamers are millionaires sparked a firestorm of debate among fans.
Twitch has patched the vulnerability with configuration updates and taken steps to strengthen its security systems in the weeks since.
Twitch recently stated that they take responsibility to protect users’ data very seriously and that they’ve taken steps to secure their service even more and apologize to their users and streamers.